ci

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute several system commands, including git log, gh run view, and npm test. These commands are essential for analyzing build failures and verifying fixes but involve arbitrary command execution within the environment.
  • [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection (Category 8) because it ingests and processes untrusted data from CI/CD environments.
      • Ingestion points: Untrusted data enters the agent context via gh run view --log and gh run view --log-failed in references/analyzing-failures.md, as well as through the standard output of npm test in references/fixing-tests.md.
      • Boundary markers: Absent. The instructions do not define clear delimiters or include warnings to the agent to ignore instructions that might be embedded within the retrieved logs or test failure messages.
      • Capability inventory: The skill has powerful capabilities, including Bash (shell access), Edit (ability to modify implementation and test files), and Task (invocation of sub-agents like ci-cd-fixer).
      • Sanitization: No sanitization or escaping of the external log content is performed before it is processed by the agent or passed to a sub-agent prompt.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 6, 2026, 11:37 AM